Total
5456 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0607 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0608, CVE-2013-0611, CVE-2013-0614, and CVE-2013-0618. | ||||
| CVE-2013-1335 | 1 Microsoft | 2 Word, Word Viewer | 2025-04-11 | N/A |
| Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code via crafted shape data in a Word document, aka "Word Shape Corruption Vulnerability." | ||||
| CVE-2011-0092 | 1 Microsoft | 1 Visio | 2025-04-11 | N/A |
| The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 allows remote attackers to execute arbitrary code via a Visio file with a malformed VisioDocument stream that triggers an exception handler that accesses an object that has not been fully initialized, which triggers memory corruption, aka "Visio Object Memory Corruption Vulnerability." | ||||
| CVE-2013-3178 | 1 Microsoft | 1 Silverlight | 2025-04-11 | N/A |
| Microsoft Silverlight 5 before 5.1.20513.0 does not properly initialize arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted Silverlight application, aka "Null Pointer Vulnerability." | ||||
| CVE-2010-1169 | 2 Postgresql, Redhat | 2 Postgresql, Enterprise Linux | 2025-04-11 | N/A |
| PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447. | ||||
| CVE-2010-1248 | 1 Microsoft | 2 Excel, Office | 2025-04-11 | N/A |
| Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HFPicture Memory Corruption Vulnerability." | ||||
| CVE-2013-1637 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events. | ||||
| CVE-2010-4884 | 1 Hinnendahl | 1 Gaestebuch | 2025-04-11 | N/A |
| PHP remote file inclusion vulnerability in guestbook/gbook.php in Gaestebuch 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter. | ||||
| CVE-2013-0007 | 1 Microsoft | 15 Expression Web, Groove Server, Office and 12 more | 2025-04-11 | N/A |
| Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability." | ||||
| CVE-2012-6465 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 12.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed SVG image. | ||||
| CVE-2011-3403 | 1 Microsoft | 2 Excel, Office | 2025-04-11 | N/A |
| Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet, aka "Record Memory Corruption Vulnerability." | ||||
| CVE-2012-0182 | 1 Microsoft | 1 Word | 2025-04-11 | N/A |
| Microsoft Word 2007 SP2 and SP3 does not properly handle memory during the parsing of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Word PAPX Section Corruption Vulnerability." | ||||
| CVE-2012-6535 | 1 Djvulibre Project | 1 Djvulibre | 2025-04-11 | N/A |
| DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DjVu (aka .djv) file. | ||||
| CVE-2012-6046 | 1 Phpenter | 1 Php Enter | 2025-04-11 | N/A |
| Static code injection vulnerability in admin/banners.php in PHP Enter allows remote attackers to inject arbitrary PHP code into horad.php via the code parameter. | ||||
| CVE-2012-5973 | 1 Ca | 1 Xcom Data Transport | 2025-04-11 | N/A |
| CA XCOM Data Transport r11.0 and r11.5 on UNIX and Linux allows remote attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2012-5231 | 1 Jessgramp | 1 Minicms | 2025-04-11 | N/A |
| miniCMS 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code via a crafted (1) pagename or (2) area variable containing an executable extension, which is not properly handled by (a) update.php when writing files to content/, or (b) updatenews.php when writing files to content/news/. | ||||
| CVE-2012-1522 | 1 Microsoft | 4 Internet Explorer, Windows 7, Windows Server 2008 and 1 more | 2025-04-11 | N/A |
| Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Cached Object Remote Code Execution Vulnerability." | ||||
| CVE-2012-6329 | 2 Perl, Redhat | 2 Perl, Enterprise Linux | 2025-04-11 | N/A |
| The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6. | ||||
| CVE-2012-5537 | 2 Drupal, Simplenews Scheduler Project | 2 Drupal, Simplenews Scheduler | 2025-04-11 | N/A |
| The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal allows remote authenticated users with the "send scheduled newsletters" permission to inject arbitrary PHP code into the scheduling form, which is later executed by cron. | ||||
| CVE-2011-1265 | 2 Bluetooth, Microsoft | 3 Bluetooth Stack, Windows 7, Windows Vista | 2025-04-11 | 8.8 High |
| The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that (1) were not properly initialized or (2) have been deleted, which allows remote attackers to execute arbitrary code via crafted Bluetooth packets, aka "Bluetooth Stack Vulnerability." | ||||